From 71c2e37414e1dc62383a374290a7eae3ba165996 Mon Sep 17 00:00:00 2001
From: Michael Sproul <michael@sigmaprime.io>
Date: Thu, 1 Aug 2024 16:46:37 +1000
Subject: [PATCH] Work around UB in LMDB bindings (#6211)

* Work around UB in LMDB bindings
---
 slasher/src/database/lmdb_impl.rs | 6 +++++-
 slasher/tests/random.rs           | 5 +++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/slasher/src/database/lmdb_impl.rs b/slasher/src/database/lmdb_impl.rs
index 20d89a36fb0..74342968cfa 100644
--- a/slasher/src/database/lmdb_impl.rs
+++ b/slasher/src/database/lmdb_impl.rs
@@ -165,8 +165,12 @@ impl<'env> Cursor<'env> {
     }
 
     pub fn get_current(&mut self) -> Result<Option<(Key<'env>, Value<'env>)>, Error> {
+        // FIXME: lmdb has an extremely broken API which can mutate the SHARED REFERENCE
+        // `value` after `get_current` is called. We need to convert it to a Vec here in order
+        // to avoid `value` changing after another cursor operation. I think this represents a bug
+        // in the LMDB bindings, as shared references should be immutable.
         if let Some((Some(key), value)) = self.cursor.get(None, None, MDB_GET_CURRENT).optional()? {
-            Ok(Some((Cow::Borrowed(key), Cow::Borrowed(value))))
+            Ok(Some((Cow::Borrowed(key), Cow::Owned(value.to_vec()))))
         } else {
             Ok(None)
         }
diff --git a/slasher/tests/random.rs b/slasher/tests/random.rs
index 0aaaa63f65c..0ba2986d44b 100644
--- a/slasher/tests/random.rs
+++ b/slasher/tests/random.rs
@@ -235,3 +235,8 @@ fn no_crash_blocks_example1() {
         },
     );
 }
+
+#[test]
+fn no_crash_aug_24() {
+    random_test(13519442335106054152, TestConfig::default())
+}